Citrix Synergy – Schroders gets radical with full-on VDI

Profile picture for user mbanks By Martin Banks May 29, 2019
The venerable City of London based asset management business has opted for use of virtual desktops to provide inherent data security, maximum flexibility for its staff, and management/infrastructure cost savings.

Paul Baird is Head of Global Communications at UK-based multinational asset management business, Schroders. As such, he is responsible for ensuring that just about anything considered to be `communications’ happens as intended, effectively, reliably and securely. When you consider that the £2.6 billion turnover business has 15 subsidiaries around the world (and Japan Airlines) that represents a fairly hefty level of communication.

Most of that is data communications these days. A recent innovation has involved a hefty move to Citrix VDI services as part of a major rationalisation of the whole company’s infrastructure. This has included moving the London complement of six separate offices into two new, purpose-built offices that have been have been designed with hot-desking in mind. As Baird observes, there are only a few people, such as the CEO, who warrant a permanent des and it is the nature of the asset and wealth management business that much of the work is geared to personal relationships between the asset owners and the Schroder Fund Managers. In such circumstances, desks are often left unoccupied.

Together with a data center upgrade came a major rework of the company’s global network and, as the communications glue, Citrix VDI virtual desktops for all the staff. It went live last September. Prior to this staff worked with a mixture of laptop and desktop systems via the LAN. Baird explains: 

What we were trying to do is make as much of a collaborative workspace as humanly possible and give everyone the ability to have their desktop, and through that their work, their data, their contacts - anything that they were working on – and any other services that we give them as global technology, anywhere in the building. Whether or not they are in a meeting room, an auditorium, or an impromptu collaborative meeting by sitting down beside someone. What this also gave us was a very clear mandate to build a far more flexible approach to working within our environment.

Go on, be radical

This makes Schroders something of a radical business within the City of London, a place where change is still rather frowned upon. When pushed, he acknowledged that Schroders now `stands out’. But the effect has been positive:

The feedback we've had from other tech companies and also from the current user community, and also from people that are coming in as new hires, has been terrific. It's working really, really well, to the extent that I think we’re becoming the victims of our own success a little bit.

One of the things they are trying to do is just enable people to work from wherever they want, whenever they want. He accepts that, these days, people may well need to work slightly non-standard hours, more in the evenings, or at the weekends due to family commitments.

Wealth management is a slightly different business to many, of course, because there is less emphasis on straight forward `selling’. It is more a case of negotiating a management and investment package that will look after a client’s financial position in the most advantageous way. This does beg the question as to whether the change to a VDI-based solution has any implications on security, especially if client meetings are held in third party locations over public telephone networks. Baird says: 

It's an interesting question. One of the challenges we face is that customer data is very confidential. We manage the finances of a lot of people who would really prefer that everything remained private.

This is, however, the key advantage of VDI over almost every other communications model. No data ever leaves the Schroder data center, with pixel streams only ever displaying an accurate representation of what an application is doing back on the server. If the user makes changes they are sent back as pixel streams. The common opinion is that the pixel streams cannot be read even if tapped into, but Baird encodes them anyway, as secondary security.

He is aware of obvious issues that VDI cannot control, such as the risks of people reading over shoulders in coffee shops. But staff are trained against such situations, and there is the added benefit of not having to worry about laptops being lost or stolen, for no sensitive company data is on them. This also solves the classic vulnerability patching issue when individual laptops are carrying live, and sensitive, data, for the bottom line is that they don’tL:

Users can now log in anywhere, anytime, and from absolutely any device. We even talk about BYDD – Bring Your Daughter’s Device. We’re waiting for a senior exec to turn up with a pink iPad.

Joking aside, this does mean that, so long as staff can authenticate themselves properly they can work with any device, including a smartphone. This takes away a significant slice of management overhead in controlling the status of individual laptops, and in having to provide staff with top-of-the-range systems to ensure that they can do their jobs effectively. All the processing is done, and the data held, back on well-defended servers in the company data center.

VDI and new opportunities

Limited bandwidth has often been cited in the past as weakness for VDI solutions, but he sees little problem so far: there is a `quite beefy’ network capacity Within the Schroders IT estate. The company has just finished rolling out a new global network covering 27 countries and the planning has included consideration of upcoming developments such as widespread use of video conferencing and unified communications. For example, he sees 4k video capabilities as now being de rigueur for a business such as Schroders.

There can be occasional issues when some staff are working from home, but this is usually dependent on a range of outside issues, such as the actual telco service capability at the location, down to even what others are then doing. Baird observes:

Is someone watching Netflix at the same time? Contention in the last mile can be a problem. But the broadband capability in the UK tends to be not too bad unless someone lives in a poor service area.

Video conferencing is now a frontline tool for the business, with the number of video conferencing rooms available in the new buildings rising from 25 to over 200. The company also trains staff in its use so they are familiar with it. This is important because it is now used not just within the business, but in interactions between the business and its clients.

It is also increasing its potential for penetrating new markets. For example, the company recently made some acquisitions in Switzerland and now makes extensive use of video conferencing to manage and develop those businesses.

Baird is starting to look hard at what new services this commitment to VDI delivery might make available, such as providing outsourcing services to other businesses and, of course, the management of further possible acquisitions:

It is interesting because, you know, 14 or 15 years ago, we could all do VDI. You know, what we've really tried to do is move to the big lift of VDI in a way that gives us as much leverage as possible with new technology and instead of the old school kind of idea.